valldrac
commented
8 months ago Here's how it works:
- If Molly doesn't have a proxy set up, it first tries the system's DNS. If that doesn't give any results or is wrong, it fallbacks to using DoH resolvers. This is to work in some environments that censors Signal blocking DNS.
- With a proxy configured, Molly only resolves using DoH, but it always forwards the requests through the proxy.
For the first scenario, if you don't want it to resolve through DoH, just block the connections in the firewall. As long as the system DNS resolves correctly, there won't be any issues.
As for the second scenario, there's no solution. Molly uses SOCKS (TCP-only) proxies and it needs to tunnel the DNS requests somehow; it can't use the system DNS because it would cause a DNS leak.
Is there an existing issue for this?
Bug description
My firewall catched Molly bypassing the system DNS using its own hardcoded DoH resolvers. I cannot stress enough how I do not want that to happen, especially when it is advertised nowhere and with no way to disable it. Honestly, this is malware-like behavior.
Important to note that when in proxy mode it does not even attempt to proxy DNS requests at all, it just force the use of these embedded DNS.
With AMOLED dark mode also being forced with no way to disable it too (#128), that's enough for me to uninstall the application.
Steps to reproduce
No response
Molly version
Latest
Android version
No response
Device
No response
Link to debug log
No response